WP4FB database error

[Andre]

Still irritated. My hoster surely set both to off.

I get this warning: WARNING! BPS has detected that Safe Mode is set to On in your php.ini file.
If you see errors that BPS was unable to automatically create the backup folders this is probably the reason why.
To remove this message permanently click here.

And cURL scan doesnt get me results and still causes an entry in php error log … 🙂

[AITpro Admin]

Whatever new mistake your host has made have them change everything back the way it was.  open_basedir might have worked years ago, but every amateur hacker knows how to beat it now == useless.

[Andre]

So, conclusion is:

Turn open base dir on again as it was before,right? And let safe mode off (which naturally was anyway off, I think)

[AITpro Admin]

Yep, put everything back the way it was.  If cURL still does not work then unfortunately cURL will not work on your Host due to whatever Server configuration problems they have/are doing.

[AITpro Admin]

Also this may be completely intentional.  cURL in the wrong hands is very, very dangerous.  Your host may have security restrictions in place to block cURL.  You will need to check with them and send them the error messages to confirm this.

[Andre]

Okay, I have sent over…. lets wait

And yes, might be well intentional. Security is an advanced topic for them…

[Andre]

Will this help running the wp4fb? Got lost a bit…  Cause I still cannot use it really, this image.php thing

[AITpro Admin]

The only error I found in your Security log that showed that BPS was blocking something was the original error you posted.  If you want to confirm that this plugin problem is not related to BPS then do the standard troubleshooting steps here.  You do not necessarily have to do all of them.  The 2 obvious areas where there could be an issue would be the .htaccess files – Root and wp-admin or the Plugin Firewall .htaccess files.

http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

[AITpro Admin]

Since your Host is obviously doing some things that cause BPS Pro cURL not to work then it is very possible that this is also causing a problem for the other plugin.

[Andre]

Hi,

he rolled everything back 🙂
And the console for cURL wasnt active but is now…

EDIT:
The bypass rule You entered for WP4FB is active, open base dir is set back and safe mode is off. Still I cannot use WB4FB really, cause the image upload inside it wont be allowed. I think I need to turn BPS completely off for as long as I am working with it…  ;-(

EDIT 2: 
And cURL scan still doesnt work… ;-( ;-(

EDIT 3:
I also have sent the security log entries to the support from WP4FB which somtimes is a bit slower. I will try to whitelist the script manually… then.

[Andre]

I find it curious, that on this site the cURL scan doesnt work, because on my other site, running on the same host in my reseller hosting environment You used it to scan for  finding /spam-free-wordpress/(.*).php…or did You use the cURL scan from Your site to scan mine?

Could You maybe please scan my URL, so that I would know, which scripts of WP4FB are blocked? Otherwise, maybe because the site is running behind an SSL cert, this could be also a problem?

Cheers.
Andre

EDIT:
You must have used the cURL scan from Your site, cause from my other site it wont scan this site where WP4FB runs on, it doesnt work also. I also have another site with Pro installed from my old root server, where I moved away from, I will try this too. The result looks like in the screener. https: //www.dropbox.com/s/0710u9sz8b4dz39/cURLscan-yellow-box.jpeg

[AITpro Admin]

The cURL Multi page scanner can be used from any site to scan another site.  😉  Or in other words, if I wanted to get all the plugin scripts that need to be whitelisted in the Plugin Firewall for another site I can run the cURL Multi page scanner on that site.  You are the first person that has reported a problem with the cURL scanner not working so there may be other sites where the cURL scanner does not work.  I am pushing hard to complete Login Security in BPS Pro 5.8 and am days away from getting that released.  I would like to find out why this problem is occurring on your site, but would also like to put this issue on hold until BPS Pro 5.8 is released since this is a low priority issue.

I should have mentioned this sooner.  I always try to design/code for scenarios where something might not work on a particular website/Server/Host and provide alternative methods/features/options.  In the case of the Plugin Firewall there are many different ways to get/find plugin scripts that need to be whitelisted.  Example:  On some folks websites/Servers/Hosts the Plugin Firewall Test Mode does not work correctly due to Server configurations so the cURL Multi page scanner is an alternative method.  The Security Log can be checked and plugin script paths can be copied and pasted into the Whitelist Text area.

Before I do anything regarding WP4FB I would need for you to do the BPS Pro troubleshooting steps and take BPS out of the equation so that I know for sure that BPS is causing this issue.

1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button.  See Custom Code Note if doing this step works.
3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button.
4. On the Security Modes page, click the UAEG BulletProof Mode Deactivate button.
5. If an issue/problem is related to files being locked with F-Lock then unlock files on the F-Lock page.
6. If an issue/problem is related to Login Security turn Off Login Security on the Login Security & Monitoring page.
7. If an issue/problem is related to JTC Anti-Spam|Anti-Hacker turn Off JTC Anti-Spam|Anti-Hacker on the JTC Anti-Spam|Anti-Hacker page.
8. If an issue/problem is related to a custom php.ini file (if you created a custom php.ini file for your website) rename it to php.ini.BAK
9. If an issue/problem is related to files being autorestored and/or quarantined turn Off AutoRestore|Quarantine on the AutoRestore page. Note: If you are manually editing or uploading files to your website see the AutoRestore|Quarantine Manual File Editing/Uploading Correct Usage steps:http://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#procedural-steps

If it works at this point then I need for you to activate things one by one and test to isolate where the issue/problem is.

Example:  Activate Root BulletProof Mode – test,  Activate wp-admin BulletProof Mode – test, etc

[Andre]

Yes, perfect. Thats my preferred way.

[Andre]

Okay. After deactivating the way You told me, the WP4FB plugin worked just fine. Then I tried to activate secure root. Wanted to test wp4fb again, but get a 500 error, cause the wp-admin should be secured also, what BPS wants. now I am stuck, cause I cant get it back to run on the network site.

[Andre]

I just deactivated BPS cause I need to finish that facebook page.

[Author]

Posts